For nearly three weeks, since May 7th, Baltimore
has been under a ransomeware attack which has left the city systems shut down.

Baltimore’s city government has experienced system failures
for everything from email to systems which enable residents to pay water bills,
purchase homes and other tech-reliant services.

As The New York Times first reported, the tool used to cripple Baltimore city government systems is a created called EternalBlue.

EternalBlue is a National Security Agency (NSA) creation and
has been used in other high-profile cyberattacks, leaving many wondering just
how much damange the NSA tech may cause in hacker hands.

The hackers used EternalBlue to exploit vulnerability in
certain versions of Microsoft Windows XP and Vista, which allowed hackers to
execute remote commands on their unsuspecting target.

EternalBlue was leaked by hacker group The ShadowBrokers in
April 2017. In response, Microsoft release a patch to fix the exploit within
one day.

But the weakness is that users must have applied the patch
in order to remain protected. Those without the patch are left exposed to
EternalBlue’s intrusion.

Since 2017, EternalBlue has been responsible for many major
cyberattacks, including Wannacry in May 2017 and NotPetya in June 2017.

A recent report from WeLiveSecurity notes that malware
attacks of this sort are increasing, especially in the U.S.

As WeLiveSecurity notes, “Poor security practices and lack
of patching are likely reasons why malicious use of the EternalBlue exploit has
been growing continuously since the beginning of 2017, when it was leaked
online.”

Despite Baltimore’s computers being hit was ransomware, the city officials have said they won’t pay the $76,000 ransom demand.

Instead, the city has been doing its best to manually process transactions, set up Gmail systems and implement other strategies to work around the problems.